What CISO’s really mean when they say “threat”

When I hear a CISO speaking about threats on an information security podcasts I know most everyone probably thinks they are talking about nation-state or criminal actors.

The truth is that they are more likely talking about things like retaining talent, holding onto budget, getting IT to get their shit together, over-zealous auditors, dealing with seemingly constant vendor failures, and trying to keep insurance underwriters in line.

More on these thoughts at a later time.

./dg

photorealistic rodan’s thinker statue using laptop – DALL-E